package com.controller.briuptest;

import com.pojo.User;
import com.service.UserService;
import com.utils.Result;
import com.utils.ResultCode;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpSession;
import java.util.List;

//用户权限模块
@Controller
@RequestMapping("/role")
public class RoleController {
    @Autowired
    private UserService userService;
    @RequestMapping(value = "/all", method = RequestMethod.GET)
    @ResponseBody
    public Result findById(HttpSession httpSession) throws Exception {
        User user = (User) httpSession.getAttribute("user");
        List<User> userList = userService.findAllUser();
        System.out.println(userList);
        String[] authority = user.getAuthority();
        for (String s : authority) {
            if (s.equals("查询")) {
                return Result.SUCCESS(userList, ResultCode.SEARCH_SUCCESS);
            }
        }
        return Result.failure(ResultCode.DATA_EXISTED);
    }

    @RequestMapping(value = "/add", method = RequestMethod.POST)
    @ResponseBody
    public Result addUser(HttpSession httpSession, @RequestBody User user) throws Exception {
        User requestUser = (User) httpSession.getAttribute("user"); //发出请求的对象
        String[] authority = requestUser.getAuthority();
        for (String s : authority) {
            System.out.println(s.equals("增加"));
            if (s.equals("增加")) {
                if (userService.addUser(user)) {
                    return Result.SUCCESS(user, ResultCode.ADD_SUCCESS);
                } else return Result.failure(ResultCode.DATA_WRONG);
            }
        }
        return Result.failure(ResultCode.PERMISSION_NO_ADD);
    }

    @RequestMapping(value = "/update", method = RequestMethod.PUT)
    @ResponseBody
    public Result updateUser(HttpSession httpSession, @RequestBody User user) throws Exception {
        User requestUser = (User) httpSession.getAttribute("user"); //发出请求的对象
        String[] authority = requestUser.getAuthority();
        for (String s : authority) {
            if (s.equals("修改")) {
                if (userService.updateUser(user)) {
                    return Result.SUCCESS(user, ResultCode.UPDATE_SUCCESS);
                } else return Result.failure(ResultCode.DATA_WRONG);
            }
        }
        return Result.failure(ResultCode.PERMISSION_NO_UPDATE);
    }

    @RequestMapping(value = "/delete/{id}",method = RequestMethod.DELETE)
    public ModelAndView deleteUser(HttpSession httpSession, @PathVariable("id") Integer id) throws Exception {
        ModelAndView modelAndView=new ModelAndView();
        modelAndView.setViewName("error");
        User requestUser = (User) httpSession.getAttribute("user"); //发出请求的对象
        String role = requestUser.getRole();
        System.out.println(role);
        if (role.equals("管理员")) {
            if (userService.deleteUser(id)) {
                System.out.println("管理员删除");
                modelAndView.addObject("msg","删除成功");
                return modelAndView;
            }
        }
        modelAndView.addObject("msg","用户权限不足");
        return modelAndView;
    }
}
